Chapter 8. Security
Access Lists / Extended IP Access Lists
Many types of access lists are available in Cisco IOS Software for many different protocols. Here is a complete list.
You are permitted one access list per protocol, per interface, per direction.
FIGURE 8-1 Access control lists
At the end of every access list is an implied "deny all traffic" access control entry (ACE). Therefore, if a packet does not match any of your criteria statements, it is blocked.
Remember that the order of access list statements is important! For example, if you ...